Routersploit Pi

DISCLAIMER

Any actions and or activities related to the material contained within this Website is solely your responsibility. The misuse of the information in this website can result in criminal charges brought against the persons in question. Cyber Security Associates Limited, will not be held responsible for any criminal charges brought against any individuals misusing the information in these projects to break the law.  

Please ensure you are using the latest SD Card image which is available here.

Teacher Overview

Kali Linux is an operating system (OS) used for ethical hacking and digital forensics, and is loaded with numerous tools such as nmap and metasploit. Kali Linux also has a range of security tools and digital forensic applications that can be applied to many situations and currently is one of the most popular OS for cyber security specialists. There are other OS made for penetration testing such as Parrot OS and Black Arch but generally it is easier to access Kali Linux than these alternatives.

The RouterSploit exploitation framework is very similar to Metasploit and uses the same options and commands. RouterSploit is an open-source framework, which allows an attacker to scan and use different exploits on a vulnerable target. When exploited, you can use different payloads to continue the exploitation to other machines on the same network; it all depends on what kind of vulnerability the router possesses. Routersploit is loaded with various modules that help the tool perform its functionality. These modules can be divided into the following categories.

  • Scanner Modules: Scanner modules are responsible for finding the vulnerabilities in the routers or embedded devices.

  • Exploits Modules:  Exploits modules are used to make use of the vulnerabilities identified by the scanners.

  • Payloads Modules: Payloads modules are responsible for generating the payloads that can be injected in routers and the devices that are connected with the seized router.

  • Generic Modules: Generic modules are used for launching the generic attacks.

In this project the students will be learning the basics of Routersploit, then they will be using it to scan different devices to look for vulnerabilities. If any are found they will use the exploits on the software to run against the vulnerabilities.

Suggested Year Group

The suggested age group is 16+, due to the nature of this project and the skills it is developing.

 

Learning Outcomes

  • Explain the basic principles of Routersploit;

  • Explain how to perform a scan on different devices to look for vulnerabilities and then exploit the vulnerabilities;

  • Teach the different uses of Routersploit.

 

Hardware Required

Component Number (Peli Case)

(Base) 4 + 5

(Base) 5

(Base) 9

(Level 1) 3

(Level 1) 3

(Level 1) 5

(Level 1) 1

Component Number (Box Case)

Slot 1

Slot 11

Slot 2

Slot 11

Slot 11

Slot 12

Slot 13

Component

Raspberry Pi + Case

Kali Linux SD Card

TFT Screen

HDMI

Wireless Keyboard

Wireless Mouse

Power Supply Unit

 

Video Guide

 

Conclusion

This project is designed to introduce the students to what Routersploit is and the applications this technology has in IT. The students have used the Raspberry Pi to run Routersploit, which has then been used to run a scan on a router to find vulnerabilities, then they have exploited the vulnerabilities. Routersploit is an extremely powerful toolkit, and this tutorial is just scratching the surface of what you can do with it. Keep in mind that the Raspberry is limited in processing power and will not be able to handle large volumes of traffic accurately.